Firefox OS Security: Part 2 – User Experience and Security Updates

When presenting Firefox OS to people, security is a big topic. Can an operating system built on web technologies be secure? What has Mozilla built in to avoid drive-by downloads and malware? How can a browser-based app be secure without making the UX suffer by asking the user to react to a lot of “do you want to allow this?”. In this, the second of a two part video series Christian Heilmann (@codepo8), principal evangelist of Mozilla, talks to Michael Coates (@_mwc), chair of @OWASP Board about the user experience when it comes to installing and using apps and the security update model for Firefox OS.

Firefox OS was built on top of the technologies that power the Web. Following Mozilla’s security practices and knowledge from over 10 years of securing Firefox, Firefox OS is engineered as a multi-tiered system that protects users while delivering the power of the mobile web. The design ensures users are in control of their data and developers have APIs and technologies at their disposal to unlock the power of the Web.

Small screen.
Non-capacitive display?
Small market share.
I should be able to shut the display off just by pushing the power button.
I should be able to simply set timezone without having to set city.
Why should I have to set the date and time myself?
Don’t be afraid of color. (See the tiles on Windows Phone.)
On-screen buttons take up precious screen real estate.
Moving icons from one home screen to another not immediately obvious or possible.
No select/select all/copy/paste?
Filthy camera (but it works).
No natural language processing.
Status/notification bar should be hidden when watching full-screen videos in browser.